Today's enterprises are facing access management challenges that require new levels of protection. For example, enterprises need to provide employees with access to company resources from personal mobile devices. Similarly, some organizations need to grant customers access to applications on the basis of the user's identities on social networking sites. And most organizations need to manage sign-on to cloud services as they would for on-premise applications. Further, organizations are being transformed by the need to provide end-to-end, standards-based security services to their applications, data, web services, and cloud-based or Software as a Service (SaaS) applications. Such business demands are driving organizations to externalize security services, integrate with partners, and evaluate the risk of internal and external transactions. Access management software attempts to addresses these challenges with solutions for controlling access to applications, data, web services, and cloud-based services across and beyond the enterprise.
Currently, access management software works with static pre-defined configurations for authentication workflows. While some access management software allows customers to plug-in custom authentication modules, this model still does not enable true extensibility of the authentication framework. The plug-ins still have to work with pre-defined events and do not get complete control over the authentication process allowing authentication plug-ins to define new workflows dynamically.
Accordingly, what is desired is to solve problems relating to authentication workflows for access management software, some of which may be discussed herein. Additionally, what is desired is to reduce drawbacks relating to authentication workflows for access management software, some of which may be discussed herein.